Data Subject Rights

The collection of rights that privacy laws grant to individuals regarding their personal data. Under GDPR, these include the right to be informed (transparent information about processing), right of access (obtain copies of personal data), right to rectification (correct inaccurate data), right to erasure (deletion in certain circumstances), right to restrict processing (limit how data is used), right to data portability (receive data in portable format), right to object (oppose certain processing), and rights related to automated decision-making and profiling. CCPA/CPRA grants rights to know what data is collected, delete personal information, opt-out of sale/sharing, correct inaccurate information, and non-discrimination. Different jurisdictions provide varying rights, but the trend is toward comprehensive individual control. Organizations must provide mechanisms for exercising rights, respond to requests promptly, and demonstrate respect for rights through policies and practices.